[ALSA-2025:7466] Moderate: delve and golang security update
Type:
security
Severity:
moderate
Release date:
2025-07-02
Description:
Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out of your way as much as possible. Security Fix(es): * golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints (CVE-2024-45341) * golang: net/[http:](http:) net/[http:](http:) sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336) * crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 golang-bin-1.23.7-1.el10_0.alma.1.aarch64.rpm 180e09494b33c5e1fa38279b1b9a3cce8751f78de15e9001d0dd155273132e03
aarch64 delve-1.24.1-1.el10_0.aarch64.rpm 4ff815ca1f048e10be1cb74978650077f75175286c2437d3edafd3c8752e120a
aarch64 go-toolset-1.23.7-1.el10_0.alma.1.aarch64.rpm b176dbb07462722c62bcd2dbb97c4044703f0c45591bac7bf04eb03c36343275
aarch64 golang-1.23.7-1.el10_0.alma.1.aarch64.rpm cf4b141a6f4e2b97198f4b0727118e5af5b69205d838ae124b2f045fd2bae1cc
noarch golang-docs-1.23.7-1.el10_0.alma.1.noarch.rpm 32fff62ab18d61eac0c68eed66cfbd0a793c99f5fc39b91ada6abe9384c1a7e1
noarch golang-misc-1.23.7-1.el10_0.alma.1.noarch.rpm 5b6f50b2a512925b6b233058c7833a888cc2879f882ebd3340a514714973db32
noarch golang-src-1.23.7-1.el10_0.alma.1.noarch.rpm bb5e2c673d590b851456e03a6377978b7ce2f55a9616536b3b5efa72d131120c
noarch golang-tests-1.23.7-1.el10_0.alma.1.noarch.rpm fdd098c94e230afd4b94308666ee1a2534d470d9a28f0cb3eecfa1c015895a95
ppc64le golang-bin-1.23.7-1.el10_0.alma.1.ppc64le.rpm 3afea0f9f95b372b7c9604104c85c9df6c9e960053671dbadbcf7557a97df9d0
ppc64le go-toolset-1.23.7-1.el10_0.alma.1.ppc64le.rpm 9fea8dbe5824c21f73d6c77dd8cabe7350c62f78aa1be3d2652e4f7faf80902d
ppc64le delve-1.24.1-1.el10_0.ppc64le.rpm a9d58eabda1428e5f74cefb8662b5d9d21a4c9c79ab59a555db9d7f6241d843b
ppc64le golang-1.23.7-1.el10_0.alma.1.ppc64le.rpm e7e9b70445cdc572777ef007ca1c2bad6dcd4b4a6c1074b78a536549863b6d31
s390x golang-bin-1.23.7-1.el10_0.alma.1.s390x.rpm 0035ebdc1478a8b56ccdf95b329f61cdf83a86eb2533a885d3f495af53095da4
s390x go-toolset-1.23.7-1.el10_0.alma.1.s390x.rpm 65428c7145d5242dbc7998529b2b40aae775138bc5e143e1d248ec0e4da285fa
s390x golang-1.23.7-1.el10_0.alma.1.s390x.rpm 803259d704ef9f1d297d258ca84c6d1febc4266ede14845f63105a1068342806
x86_64 golang-bin-1.23.7-1.el10_0.alma.1.x86_64.rpm 175baccfca9b437be0c648459450f6b8c70ee2192650e24e8ca3f8c027fd51aa
x86_64 go-toolset-1.23.7-1.el10_0.alma.1.x86_64.rpm 34c3ee558b21cb0f74beed8b70a996d93be45c18da88c8522c14f9a3985ebb8c
x86_64 golang-1.23.7-1.el10_0.alma.1.x86_64.rpm 3d28a9956f0416603af4ddf0a3c8d94a1e0471de18b3a72945eaab9b36aa69e4
x86_64 delve-1.24.1-1.el10_0.x86_64.rpm c058b5d81a7ed48bd3d67f1e1a01fdcd5dff3b1a02493776340ce39e7e91bfea
x86_64_v2 golang-1.23.7-1.el10_0.alma.1.x86_64_v2.rpm 070abf399b795443dc5ec91938752f33826b711d52fe1e5da9c92cf78cdddda8
x86_64_v2 delve-1.24.1-1.el10_0.x86_64_v2.rpm 08519abebf95ed19095f182ce83c2c46a4d4a01380f673039a33a9b9ce7684ce
x86_64_v2 golang-bin-1.23.7-1.el10_0.alma.1.x86_64_v2.rpm 13147e0576808a6bbf6b6175d89abc0e038b46370a1bd6039935d57cca55eb5e
x86_64_v2 go-toolset-1.23.7-1.el10_0.alma.1.x86_64_v2.rpm 5c4922e0d4f007efa4688e8ee4d158832eb880acf8c2ffd19b5574b79d8844d8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.